|
|
923a60 |
From 169e74d772eac561a24f461ac65118d3d83a5980 Mon Sep 17 00:00:00 2001
|
|
|
923a60 |
From: Ivan Shapovalov <intelfx100@gmail.com>
|
|
|
923a60 |
Date: Sat, 7 Mar 2015 18:11:32 +0300
|
|
|
923a60 |
Subject: [PATCH] sysusers: do not reject users with already present
|
|
|
923a60 |
/etc/shadow entries
|
|
|
923a60 |
|
|
|
923a60 |
This is needed to interoperate firstboot and sysusers. The former one is started
|
|
|
923a60 |
first, and it writes only /etc/shadow when it is told to set the root password.
|
|
|
923a60 |
It's better to relax checks here than to duplicate functionality in firstboot.
|
|
|
923a60 |
|
|
|
923a60 |
(cherry picked from commit c5abf22514b3925aa6f0d4a3f36f76799bf1911b)
|
|
|
923a60 |
---
|
|
|
923a60 |
src/sysusers/sysusers.c | 23 +++++++++--------------
|
|
|
923a60 |
1 file changed, 9 insertions(+), 14 deletions(-)
|
|
|
923a60 |
|
|
|
923a60 |
diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
|
|
|
923a60 |
index e47bcb4dca..76b5962c51 100644
|
|
|
923a60 |
--- a/src/sysusers/sysusers.c
|
|
|
923a60 |
+++ b/src/sysusers/sysusers.c
|
|
|
923a60 |
@@ -605,6 +605,8 @@ static int write_files(void) {
|
|
|
923a60 |
if (r < 0)
|
|
|
923a60 |
goto finish;
|
|
|
923a60 |
|
|
|
923a60 |
+ lstchg = (long) (now(CLOCK_REALTIME) / USEC_PER_DAY);
|
|
|
923a60 |
+
|
|
|
923a60 |
original = fopen(shadow_path, "re");
|
|
|
923a60 |
if (original) {
|
|
|
923a60 |
struct spwd *sp;
|
|
|
923a60 |
@@ -618,8 +620,13 @@ static int write_files(void) {
|
|
|
923a60 |
|
|
|
923a60 |
i = hashmap_get(users, sp->sp_namp);
|
|
|
923a60 |
if (i && i->todo_user) {
|
|
|
923a60 |
- r = -EEXIST;
|
|
|
923a60 |
- goto finish;
|
|
|
923a60 |
+ /* we will update the existing entry */
|
|
|
923a60 |
+ sp->sp_lstchg = lstchg;
|
|
|
923a60 |
+
|
|
|
923a60 |
+ /* only the /etc/shadow stage is left, so we can
|
|
|
923a60 |
+ * safely remove the item from the todo set */
|
|
|
923a60 |
+ i->todo_user = false;
|
|
|
923a60 |
+ hashmap_remove(todo_uids, UID_TO_PTR(i->uid));
|
|
|
923a60 |
}
|
|
|
923a60 |
|
|
|
923a60 |
errno = 0;
|
|
|
923a60 |
@@ -642,7 +649,6 @@ static int write_files(void) {
|
|
|
923a60 |
goto finish;
|
|
|
923a60 |
}
|
|
|
923a60 |
|
|
|
923a60 |
- lstchg = (long) (now(CLOCK_REALTIME) / USEC_PER_DAY);
|
|
|
923a60 |
HASHMAP_FOREACH(i, todo_uids, iterator) {
|
|
|
923a60 |
struct spwd n = {
|
|
|
923a60 |
.sp_namp = i->name,
|
|
|
923a60 |
@@ -879,7 +885,6 @@ static int add_user(Item *i) {
|
|
|
923a60 |
|
|
|
923a60 |
if (!arg_root) {
|
|
|
923a60 |
struct passwd *p;
|
|
|
923a60 |
- struct spwd *sp;
|
|
|
923a60 |
|
|
|
923a60 |
/* Also check NSS */
|
|
|
923a60 |
errno = 0;
|
|
|
923a60 |
@@ -895,16 +900,6 @@ static int add_user(Item *i) {
|
|
|
923a60 |
}
|
|
|
923a60 |
if (!IN_SET(errno, 0, ENOENT))
|
|
|
923a60 |
return log_error_errno(errno, "Failed to check if user %s already exists: %m", i->name);
|
|
|
923a60 |
-
|
|
|
923a60 |
- /* And shadow too, just to be sure */
|
|
|
923a60 |
- errno = 0;
|
|
|
923a60 |
- sp = getspnam(i->name);
|
|
|
923a60 |
- if (sp) {
|
|
|
923a60 |
- log_error("User %s already exists in shadow database, but not in user database.", i->name);
|
|
|
923a60 |
- return -EBADMSG;
|
|
|
923a60 |
- }
|
|
|
923a60 |
- if (!IN_SET(errno, 0, ENOENT))
|
|
|
923a60 |
- return log_error_errno(errno, "Failed to check if user %s already exists in shadow database: %m", i->name);
|
|
|
923a60 |
}
|
|
|
923a60 |
|
|
|
923a60 |
/* Try to use the suggested numeric uid */
|